Re: Temporary credentials timeout during long operations

["brian m. carlson" <sandals@crustytoothpaste.net>]

[-- Attachment #1: Type: text/plain, Size: 1658 bytes --]

[Please keep the list in CC.  Other people may have important
contributions to the discussion, and due to weather, I may be offline at
some point in the future and be unable to respond.]

On 2020-08-26 at 00:18:05, Peterson, Alex wrote:
> Hi Brian,
> 
> Unfortunately, even if the server returns a 401, git will retry but with the old expired credentials which will fail.  I believe it is because of this line that checks if a username/password already exists (which it does)
> https://github.com/git/git/blob/07d8ea56f2ecb64b75b92264770c0a664231ce17/credential.c#L338
> 
> In my test I cleared the username and password to force it to re-request credentials and that worked OK.

Ah, yes.  In that case, it looks like we call credential_reject and then
return HTTP_NOAUTH.  I think the assumption is that the credential
helper returns a consistent set of credentials and once we've told the
credential helper to reject them, then the user can push again and be
prompted for new credentials.

I would be open to seeing a patch which, the first time through,
returned HTTP_REAUTH.  We wouldn't want to do that indefinitely, since
that would mean that the user would get stuck in a loop if the
credentials were wrong.

I will say that my gut tells me that it's generally a reasonable
assumption that credentials are valid for the life of a push, whatever
that is, so while I'm not opposed to seeing a patch to improve this, I'm
not especially sympathetic to using credentials that have such a short
lifetime that this occurs, even if I am in general in support of
short-lived credentials.
-- 
brian m. carlson: Houston, Texas, US

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 263 bytes --]